Hi, I normally wouldn't post that here but considering how quickly after release it happened, here is a copy of the recent win-builds security advisory.
------------------------------------------------------------------------ Package : gnutls CVE ID : CVE-2014-3466 Joonas Kuorilehto discovered that GNU TLS performed insufficient validation of session IDs during TLS/SSL handshakes. A malicious server could use this to execute arbitrary code or perform denial or service. For win-builds 1.4, this problem has been fixed in version 3.1.25-1. You should update your gnutls package. If you are unsure how to update packages, visit the "Package updates" section of the documentation at http://win-builds.org/documentation.html#package_updates Mailing list: [email protected] Subscription: http://win-builds.org/support.html -- Adrien Nader Free Software for windows with package manager: http://win-builds.org ------------------------------------------------------------------------------ Time is money. Stop wasting it! Get your web API in 5 minutes. www.restlet.com/download http://p.sf.net/sfu/restlet _______________________________________________ Mingw-w64-public mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
